[CentOS] Another Fedora decision
Warren Young
wyml at etr-usa.com
Thu Feb 5 00:04:46 UTC 2015
> On Feb 4, 2015, at 4:53 PM, Always Learning <centos at u64.u22.net> wrote:
>
> On C5 the default appears to be:-
>
> -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
Nope:
# rpm -q --dump setup|grep shadow
/etc/gshadow 0 1329943062 d41d8cd98f00b204e9800998ecf8427e 0100400 root root 1 0 0 X
/etc/shadow 0 1329943062 d41d8cd98f00b204e9800998ecf8427e 0100400 root root 1 0 0 X
This says it should be mode 400, as it is here on both of the local EL5 boxes I checked.
You have a serious security hole there, Always.
More information about the CentOS
mailing list